Browse all 3 CVE security advisories affecting Webliberty. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Webliberty is a web application framework primarily used for developing content management systems and e-commerce platforms. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure default configurations. The framework's three recorded CVEs highlight these recurring issues, with one incident allowing attackers to execute arbitrary code through unauthenticated API endpoints. Webliberty's security posture has been characterized by delayed patch releases and inconsistent security documentation, potentially exposing implementations to exploitation if not properly maintained and updated.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31020 | WordPress Simple Spoiler plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability — Simple SpoilerCWE-79 | 6.5 | Medium | 2025-04-09 |
| CVE-2024-8479 | Simple Spoiler 1.2 - 1.3 - Unauthenticated Arbitrary Shortcode Execution — Simple SpoilerCWE-94 | 7.3 | High | 2024-09-14 |
| CVE-2024-35639 | WordPress Simple Spoiler plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability — Simple SpoilerCWE-79 | 5.9 | Medium | 2024-06-03 |
This page lists every published CVE security advisory associated with Webliberty. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.